Method for simulcrypting scrambled data to a plurality of conditional access devices

ABSTRACT

One embodiment of the invention relates to an apparatus comprising an input, a descrambler unit and a re-scrambler unit. The input is adapted to receive scrambled content. The descrambler unit is coupled to the input. The descrambler unit descrambles the scrambled content in order to recover unscrambled content and concurrently routes both the unscrambled content over a first communication link for display on a display device and the unscrambled content over a second communication link. The re-scrambler unit is coupled to the second communication link. The re-scrambler unit is adapted to scramble the unscrambled content to produce re-scrambled content for transmission.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a Continuation of application Ser. No. 10/209,341,filed Jul. 30, 2002, now U.S. Pat. No. 7,702,589, which is a Divisionalbased upon and claims the benefit of priority from Ser. No. 09/437,590,filed Nov. 9, 1999, now U.S. Pat. No. 7,039,614, the entire contents ofwhich are incorporated herein by reference.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to digital devices. More specifically, thepresent invention relates to a copy management system and method forcontrolling the reproduction and recording of digital content on andfrom at least one digital device.

2. General Background

Analog communication systems are rapidly giving way to their digitalcounterparts. Digital television is currently scheduled to be availablenationally to all consumers by the year 2002 and completely in place bythe year 2006. High-definition television (HDTV) broadcasts have alreadybegun in most major cities on a limited basis. Similarly, the explosivegrowth of the Internet and the World Wide Web have resulted in acorrelative growth in the increase of downloadable audio-visual files,such as MP3-formatted audio files, as well as other content.

Simultaneously with, and in part due to, this rapid move to digitalcommunications system, there have been significant advances in digitalrecording devices. Digital versatile disk (DVD) recorders, digital VHSvideo cassette recorders (D-VHS VCR), CD-ROM recorders (e.g., CD-R andCD-RW), MP3 recording devices, and hard disk-based recording units arebut merely representative of the digital recording devices that arecapable of producing high quality recordings and copies thereof, withoutthe generational degradation (i.e., increased degradation betweensuccessive copies) known in the analog counterparts. The combination ofmovement towards digital communication systems and digital recordingdevices poses a concern to content providers such as the motion pictureand music industries, who desire to prevent the unauthorized anduncontrolled copying of copyrighted, or otherwise protected, material.

In response, there is a movement to require service providers, such asterrestrial broadcast, cable and direct broadcast satellite (DBS)companies, and companies having Internet sites which providedownloadable content, to introduce protection schemes. Two such copyprotection systems have been proposed by the 5C group of the Data HidingSub Group (DHSG) (5C comprising representatives of Sony, Hitachi,Toshiba, Matsushita, and Intel) and the Data Transmission DiscussionGroup (DTDG), which are industry committee subgroups of the CopyProtection Technical Working Group (CPTWG). The CPTWG represents thecontent providers, computer and consumer electronic productmanufacturers.

The DTDG Digital Transmission Copy Protection (DTCP) proposal istargeted for protecting copy-protected digital content, which istransferred between digital devices connected via a digital transmissionmedium such as an IEEE 1394 serial bus. Device-based, the proposal usessymmetric key cryptographic techniques to encode components of acompliant device. This allows for the authentication of any digitaldevice prior to the transmission of the digital content in order todetermine whether the device is compliant. The digital content is itselfencoded prior to transmission so that unauthorized copying of thecontent will result in copy having an unintelligible format.

One method of encoding the content has been proposed by the DHSG, and isbased on watermarking techniques. Although the main focus of the DHSGproposal has been for copy protection of digital movie and videocontent, particularly as applied to DVD systems, it is expected to beapplicable to the copy protection of any digital content distributedelectronically via digital broadcasts and networks. The watermarkingtechniques, which are invisible to the user, allow the incoming contentto be marked in a manner that makes it extremely difficult to discernprecisely how the content was encoded, and thus extremely difficult toremove or alter the watermark without damaging the content. The DHSG hasdetermined three primary cases of detection and control that such atechnology should accomplish: playback, record and generational copycontrol. It is anticipated that the watermarking technology will allowthe content provider to specify at least whether the content is “copynever,” “copy once,” and “copy free” content. “Copy never” is used tomark digital content to indicate that the content is not allowed to becopied, while “copy free” indicates that the content may be copiedfreely and which can be marked with additional information. This isdifferent than material that is never marked. Finally, “copy once” isused to indicate that the digital content is allowed to be copied onlyonce. As a copy is being made, the original “copy once” content and thenewly copied content are re-marked with “no more copy.” Of course, othertypes of copy management commands may limit the playing or reproductionof such digital content; for example, to a specific period of time,duration, or number of plays or viewings.

Thus, even today, the functionality of digital devices such as set-topboxes, digital televisions, digital audio players, and similar suchdigital devices extends beyond their historical role of conditionalaccess (CA), i.e., merely descrambling content to a CA-clear format forreal-time viewing and/or listening, and now include constraints andconditions on the recording and playback of such digital content. Forexample, currently, copying of scrambled content for subsequentdescrambling and viewing or listening may be permitted with theappropriate service/content provider authorization or key provided tothe digital device.

A disadvantage of such digital devices is that do not allow thesimultaneous viewing of content in a CA descrambled format (hereinafterreferred to as “descrambled content”) and the recording of content in aCA-scrambled content (hereinafter referred to as “scrambled content”),both of which are typically copy-protected, using, for example, somesort of watermarking process, as proposed by the DHSG. Thus, the digitaldevices support either the viewing of descrambled content or therecording of such scrambled content, but not both. Additionally, inthose instances where the digital device is connected to other digitaldevices over a transmission medium via a digital interface, there mayalso be additional encoding at the digital interface prior to input intothe transmission medium; e.g., using the 5C-proposed copy-protectionscheme. In such cases, the viewable form, e.g., descrambled content,with “copy never” attributes would not be recordable by downstreamdevices. However, the non-viewable, or scrambled, content wouldtypically have “copy free” attributes. As the simultaneous viewing ofdescrambled content and the recording of scrambled content is notpossible under these scenarios, it is difficult to “time shift”copy-protected content and impossible to record a scrambled programwhile it is being viewed, even though such recording is for theviewer's/listener's sole entertainment at a later point in time. Bothare considered desirable by viewers, listeners and other consumers.

Therefore, in view of the interests of the aforementioned viewers,listeners and other consumers, it would be desirable to provide a systemthat allows for the simultaneous viewing, listening or playing ofdescrambled content and recording of the scrambled content which alsoaddressed the concerns of the various content providers.

SUMMARY

In accordance with an embodiment of the present invention, a method forstoring a normal scrambled digital program is provided. The methodincludes receiving a scrambled program, and receiving a plurality ofaccess requirements. Each access requirement can descramble thescrambled program. The method also includes selecting at least one ofthe access requirements, and storing the scrambled program and theselected requirement.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention is illustrated by way of example and not by way oflimitation in the figures of the accompanying drawings, in which likereferences indicate similar elements and in which:

FIG. 1 is a block diagram of an exemplary entertainment system includingone embodiment of a digital device;

FIG. 2 is a block diagram of one embodiment of a digital receiver of thedigital device;

FIG. 3 is a block diagram of one embodiment of the conditional accessunit of the copy management system of the present invention;

FIG. 4 is a block diagram of an embodiment of the conditional accessunit of the system of the present invention; and,

FIG. 5 is a block diagram of an embodiment of the digital receiver ofthe digital device.

FIG. 6 is a block diagram of an embodiment of the digital receiver ofthe digital device.

FIGS. 7, 8, and 9 show embodiments of a filtering function.

FIG. 10 shows an embodiment of an apparatus including conditional accessunits that can be simulcrypted.

FIG. 11 shows an embodiment of a method simulcrypted conditional accessunit.

FIG. 12 shows an embodiment of a method for simulcrypting scrambled datato a plurality of conditional access units.

FIG. 13 shows another embodiment of a method for simulcrypting scrambleddata to a plurality of conditional access units.

FIG. 14 shows an embodiment of a method for simulcrypting duringopportunistic bandwidth.

DETAILED DESCRIPTION

FIG. 1 is a block diagram of an entertainment system 100 including oneembodiment of the copy management system of the present invention. Theentertainment system 100 includes a digital device 110 for receiving adigital bitstream including program data from one or more serviceproviders. Such service or content providers can include terrestrialbroadcasters, cable operators, direct broadcast satellite (DBS)companies, companies providing content for download via the Internet, orany similar such content and/or service provider. The program data mayinclude system information, entitlement control messages, entitlementmanagement messages, content, and other data, each of which will bedescribed briefly. System information may include information on programnames, time of broadcast, source, and a method of retrieval anddecoding, and well as copy management commands that provide digitalreceivers and other devices with information that will control how andwhen program data may be replayed, retransmitted and/or recorded. Thesecopy management commands may also be transmitted along with entitlementcontrol messages (ECM), which are generally used by the conditionalaccess unit to regulate access to a particular channel or service.Entitlement management messages (EMM) may be used to deliver privilegesto the digital receiver 111 such as rights, access parameters, anddescrambling keys. As known, a decryption key is generally a code thatis required to restore scrambled data, and may be a function of therights granted. Finally, content in the program data stream may includeaudio and video data, which may be in a scrambled or clear format.

The digital device 110 includes a digital receiver 111, which processesthe incoming bitstream, extracts the program data therefrom, andprovides the program data in a viewable format. The thus extractedprogram data is then provided to a decoding unit 112 for furtherprocessing, including separation of the system information from thecontent, as well as decoding, or decompressing, of the content to itsoriginal form. The digital receiver 111 also regulates access to theprogram data by other components on the entertainment system 100, andaccording to one embodiment of the present invention, supports thesimultaneous transmission of program data having content in adescrambled format (hereinafter referred to as “descrambled content”)and program data having content in a scrambled format (hereinafterreferred to as “scrambled content”).

According to one embodiment of the present invention, the digital device110 is a digital television set where the digital receiver 111 is aset-top box integrated therein, and the decoding unit 112 is an MPEG(Motion Picture Experts Group) decoder. The digital television set'sdisplay (not shown) is, according to this embodiment, integrated withinthe digital device 110. Alternatively, it will be appreciated that thedigital device 110 may include only the digital receiver 111 and/or thedecoder unit 112, with a display being external to the decoding device110. An example of this embodiment would be an integratedreceiver/decoder (IRD) such as a stand-alone set-top box which outputsNTSC, PAL or Y_(ρ)B_(ρ)R signals. All such embodiments are includedwithin the scope of the present invention.

Digital device 110 may be coupled to other components in theentertainment system 100 via a transmission medium 120. The transmissionmedium 120 operates to transmit control information and data includingprogram data between the digital device 110 and other components in theentertainment system 100. It will be appreciated that the entertainmentsystem 100 of FIG. 1 is merely an exemplary embodiment, and that otheranalog and/or digital components may be added or substituted for thecomponents briefly described hereinafter.

Referring to FIG. 1, the entertainment system 100 may include an audiosystem 130 coupled to the transmission medium 120. The audio system 130may include speakers and an audio player/recorder such as a compact discplayer, a Sony MiniDisc® player, or other magneto-optical disc that maybe used to play and/or record audio data. A digital VCR 140, such as aD-VHS VCR, may also be coupled to the digital device 110 and othercomponents of the entertainment system 100 through the transmissionmedium 120. As known, the digital VCR 140 may be used to record analogor digital audio, video, and other data transmissions, and according toan embodiment of the present invention, may be used to record programdata received by the digital device 110 and transmitted to the digitalVCR over transmission medium 120.

A hard disk recording unit 150 may also be coupled to digital device 110and other components via transmission medium 120. The hard diskrecording unit 150 may be a personal computer system, a stand-alone harddisk recording unit, or other hard disk recording device capable ofrecording analog or digital audio, video and data transmissions. As withdigital VCR 140, according to one embodiment of the present invention,the hard disk recording unit 150, may be used to record program datareceived by the digital device 110 and transmitted to the hard diskrecording unit 150 over transmission medium 120.

Display 160 may include a high definition television display, a monitoror other device capable of processing digital video signals. In anembodiment where the digital device 110 is a stand-alone set-top box,display 160 may be a digital television set.

Finally, a control unit 170 may be coupled to the transmission medium120. The control unit 170 may be used to coordinate and control theoperation of some or each of the components on the entertainment system100, as well and other electronic devices remotely coupled thereto.

FIG. 2 is a block diagram of one embodiment of the digital receiver 111including the copy management system according to the present invention.The digital receiver 111 includes a central processing unit (CPU) 210,which controls the overall operation of the digital receiver 111, anddetermines the frequency in which a selected channel is broadcast orotherwise transmitted. This information is then transmitted to a tuner220, which then selects the appropriate frequency of the terrestrial,cable, satellite, or Internet transmission in which to receive theincoming digital bitstream, including program data. The CPU 210 may alsosupport a graphical user interface (GUI), such as an electronicprogramming guide (EPG), the latter allowing a user to navigate throughvarious channels and program options to select a desired channel orprogram for viewing, listening, recording and the like. The GUI may bedisplayed on either a display (not shown) of digital device 110 (e.g.,where digital device 110 is a digital television set), or on display 160(e.g., where digital device 110 is a stand-alone set-top box).

Once the tuner 220 has selected the appropriate frequency, it amplifiesthe incoming digital bitstream, and provides the output bitstream to ademodulator unit 230. The demodulator unit 230 receives the bitstreamfrom the tuner 220 and demodulates the bitstream to provide program dataas originally transmitted. The type of demodulation effected by thedemodulator unit 230 will of course depend on the type of transmissionas well as the modulation process used in the transmission process. Forexample, in the case of cable transmissions and Internet transmissionsreceived over cable modems, the demodulator unit 230 may performquadrature amplitude demodulation (QAD), while for satellite broadcasts,quadrature phase shift key (QPSK) demodulation will likely be required.Terrestrial broadcasts, will likely require vestigial side band (VSB)demodulation. The present invention is not limited to any one type oftransmission and modulation/demodulation scheme, and other schemes arewithin the scope and spirit of the present invention. In addition toeffecting the demodulation process, demodulator unit 230 may alsoperform error correction on the received bitstream.

The thus demodulated bitstream is now preferably provided to aconditional access unit 240. (That portion of the demodulated bitstreamthat is not encrypted may bypass the conditional access unit 240 and beprovided directly to the demultiplexer 250 as shown by the dashed linesin FIG. 2. This might also be the case where none of the bitstream needsdecrypting, and/or where there is no conditional access module). Theconditional access unit 240 generally performs key management anddecryption, as well as descrambling functions as follows.

Typically, if the CPU 210 determines that the program data in thedigital bitstream includes scrambled content, that program data isprovided to a conditional access unit 240. At this point the CPU 210 maytransmit packet identifier (PID) information to the conditional accessunit 240, such PID information informing the conditional access unit 240where in the program data the ECM may be found. The CPU 210 may insteadreceive the ECM and deliver it to the conditional access unit 240.Alternatively, the conditional access unit 240 may have demultiplexingcapabilities allowing it to directly obtain the location of the ECM fromthe bitstream itself. As discussed previously, the ECMs regulate auser's access to a particular channel or service, and determines theaccess rights that are needed to be held by a receiver 111 in order togrant access. The ECMs may also be used to deliver a decrypting ordescrambling key or to deliver information (e.g., an algorithm) as tohow to derive a key that may be used to descramble scrambled content.Using such key or information regarding derivation of such key, theconditional access unit 240 may descramble the content contained in theprogram data. Alternatively, the conditional access unit may provide thekey to the demultiplexer 250 which will perform the descrambling.

Importantly, although the conditional access unit 240 is shown as anintegral, or embedded, in that both the descrambling and decryptingfunctions are effected internally in receiver 111, the conditionalaccess unit may also split or external. An external conditional accessunit descrambles the program data content and decrypts the keysexternally; e.g., as is the case with the National Renewable SecuritySystem (NRSS) conditional access modules. In a split conditional accessunit, the program data content is descrambled within the digitalreceiver 111, while the key decryption is completed externally, e.g.,via a “smart card.” All of these systems are intended to be within thespirit and scope of the present invention.

Once the conditional access unit 240 descrambles the program datacontent, the program data is input to demultiplexer unit 250, whichseparates the system information from the content in the program data.According to an embodiment of the demultiplexer unit 250, thedemultiplexer unit 250 parses the program data for PIDs that areassociated with system information, audio information, and videoinformation, and then transmits the system information to the CPU 210and the audio and video information to the decoder unit 112. Inaccordance with one embodiment of the present invention, a digitalinterface unit 260 is coupled to the conditional access unit 240.Operation of this unit, which allows the receiver 111 to communicatewith other digital components in the entertainment system 100, will bediscussed at a later point.

The CPU 210, tuner 220, demodulator unit 230, conditional access unit240, demultiplexer unit 250, and digital interface unit 260 may beimplemented using any known technique or circuitry. In one embodiment ofthe present invention, the CPU 210, tuner 220, demodulator unit 230,demultiplexer unit 250, and digital interface unit 260 all reside in asingle housing, while the conditional access unit 240 resides in anexternal NRSS conditional access module (as discussed above).Alternatively, the conditional access unit can take the form factor of aPersonal Computer Memory Card International Association (PCMCIA) Type IIcard or a smart card.

FIG. 3 shows a block diagram of one embodiment of the conditional accessunit 240 of the copy management system of the present invention. Theconditional access unit 240 includes a processor unit 330, whichreceives the demodulated program data from the demodulator unit 230 andobtains PID information identifying where ECMs may be found in theprogram data. Again, this packet identifier information may be providedby the CPU 210 or obtained directly from the bitstream by theconditional access unit 240 itself. It is also possible for the CPU 210to deliver ECMs to the conditional access unit 240.

In one embodiment of the present invention, the processor unit 330processes the ECMs and derives a key for descrambling the content. Theprocessor unit 330 then outputs program data and the key to adescrambler unit 340 over line, pin or set of pins 335 (hereinafter,“line 335”). The descrambler unit 340 receives the key and the programdata off line 335 and processes the program data, including descramblingor decrypting the program data content with the key. The descramblerunit 340 then transmits the program data with the now clear content overline, pin or set of pins 346 (hereinafter, “line 346”) to thedemultiplexer unit 250 (FIG. 2), and then to the decoding unit 112, andfinally for display and viewing by a user.

The descrambler unit 340 also transmits the program data with the nowclear content over line, pin or set of pins 345 (hereinafter, “line345”) to a re-scrambler unit 350. The re-scrambler unit 350 receives theprogram data and processes the data, including re-scrambling the clearcontent. Re-scrambling can use a similar algorithm as used in thedescrambling process. For example, if DES could be used for both thedescrambling and re-scrambling processes.

It will be appreciated that although for ease of understanding, theprocessor unit 330, the descrambler unit 340, and the re-scrambler unit350 are shown as separate elements in FIG. 3, these elements may beintegrated in one device, or may be implemented using any knowncircuitry or technique.

The re-scrambler unit 350 may re-scramble the content in any one ofseveral ways. For example, in one embodiment of the copy managementsystem of the present invention, it may re-scramble the content usingthe ECMs originally transmitted in the received bitstream and receivedin receiver 111. Alternatively, separate re-scrambling keys may betransmitted in the original bitstream in separate ECMs and extracted bythe re-scrambler unit 350 from the program data received from thedescrambler unit 340. In another embodiment of the copy managementsystem of the present invention, the re-scrambler unit 350 may haveencrypting or encoding capabilities, allowing it to re-scramble thecontent using a local key which may be unique to receiver 111. Such akey would not be delivered using an ECM, but could be delivered to there-scrambler unit 350 using an EMM. Alternatively, the key could be anon-changeable key which has been created at the time of manufacture ofthe re-scrambler unit.

In yet another embodiment of the present invention, control words may beused in addition to keys. In such embodiment, the control words arefirst scrambled using a key, and then are inserted into the bitstreamprogram data prior to transmission. Under this method, in order todescramble the content in the program data, the control access unit 240must first derive the key (using any of the aforementioned methods) andthen use the derived key to descramble the control words. Thedescrambled control words are then applied to descramble the content.This method gives added flexibility and security in the transmission,particularly in the case where a local key is used (i.e., located in thereceiver 111), in that the control words (and thus access rights) may bechanged periodically without requiring a change of the local key. Usingthis method, the re-scrambler unit 350 may scramble the content usingone of several methods. The re-scrambler unit 350 may use the originallytransmitted control words and key to re-scramble the control words.Alternatively, the re-scrambler unit 350 may use local control words andkeys that are unique to the receiver 111. It will be appreciated tothose skilled in the art that any one of the aforementioned methods ofscrambling and descrambling may be used alone or in combination, andthese and other similar methods are intended to be within the scope andspirit of the present invention.

Once the content is re-scrambled, the program data including there-scrambled content is transmitted over line, pin or set of pins 355(hereinafter, “line 355”). In one embodiment of the present invention,the re-scrambled program data is output over digital interface unit 260,as shown in FIG. 2. The digital interface unit 260 encodes this programdata with copy management commands that indicate that the program datais “copy free.” The digital interface unit 260 interfaces with thecomponents on the transmission medium 120 (shown in FIG. 1) to determinewhich components are authorized to decode the encoded program data, andthen transmits a key to the authorized components for decoding theencoded program data. According to one embodiment of the entertainmentsystem 100, the digital interface unit 260 initiates an authenticationprocess that identifies devices that are authorized to decode encodedprogram data, and then encodes program data transmitted on the IEEE 1394transmission medium using the DTDG's DTCP encoding scheme. It will beappreciated, however, that other encoding schemes may be implementedwithout detracting from the spirit and scope of the invention.

Thus, as line 346 transmits the clear content to the demultiplexer unit250 for display on a display which is either integral with, or directlyconnected to, digital device 110, and line 345 carries the re-scrambledcontent over transmission medium 120 for recording on one or more of anyof several components connected to the transmission medium 120, theconditional access unit 240 allows the user to simultaneously view aprogram in the clear while recording the scrambled version. It will beappreciated that, under this embodiment, the content provider cancontrol when and if the user can copy or even view the content againgiven that the re-scrambled stream which is output over line 345 must bedescrambled with the appropriate keys and/or control words beforeviewing, and thus must be processed by the conditional access unit 240.

An alternate embodiment of the conditional access unit 240 of the copymanagement system of the present invention is described with referenceto FIG. 4. In this embodiment, the conditional access unit 240 includesa processor unit 330 similar to that described in FIG. 3. The processorunit 330 also outputs program data which may include scrambled contentover a line, pin, or set of pins 335 (hereinafter, “line 335”) to adescrambler unit 340. Descrambler unit 340 is also similar to thedescrambler unit 340 of the embodiment of FIG. 3.

At this point, the descrambler unit outputs program data with clearcontent to either the demultiplexer unit 250 or to the digital interfaceunit 260 via line 345. The conditional access unit 240 also includes aline, pin, or set of pins 436 (hereinafter, “line 436”) coupled to line335 which bypasses the descrambling unit 340 and which transmittingprogram data, possibly including scrambled content, to the digitalinterface unit 260.

As with the embodiment disclosed in FIG. 3, the conditional access unit240 of FIG. 4 provides two bitstreams of program data; line 345 carriesprogram data including clear content, while line 436 carries programdata including scrambled content. Thus, as line 345 transmits the clearcontent to the demultiplexer unit 250 for display on a display which iseither integral with, or directly connected to, digital device 110, andline 436 provides the scrambled content over transmission medium 120 viadigital interface unit 260 for recording on one or more of any ofseveral components connected to transmission medium 120, the conditionalaccess unit 240 of the embodiment of FIG. 4 also allows the user tosimultaneously view a program in the clear, while recording thescrambled version. As with the embodiment of FIG. 3, a content providercan control when and if a user can copy or view again copy-protectedcontent.

It is expected that there will be multiple content and service providersas well as multiple manufacturers of digital devices such as digitaldevice 110. As a result, it is envisioned that there may be certaininstances where the embodiments of conditional access unit 240 as shownin FIGS. 3 and 4 are not available. For example, a content or serviceprovider may desire that the copy management system of the presentinvention be implemented in any digital device 110 which is authorizedto receive such content or service, without regard to the manufactureror particular design constraints of the digital device 110. Furthermore,in instances where either the content provider or device manufacturerwishes to implement the copy management system of the present inventionon devices which may already have a conditional access systemimplemented, access to the implemented conditional access system to addthe copy management system of the present invention is likely to belimited and/or costly. For example, addition of the re-scrambling unit350 of the embodiment of the conditional access unit of FIG. 3 may notbe possible, nor may the availability of an additional line 436 forproviding scrambled content (embodiment of the conditional access unitof FIG. 4). It may be desirable and/or necessary in these and otherinstances to implement a separate conditional access unit.

As seen in FIG. 5, an alternate embodiment of the digital receiver 111having the copy management system of the present invention includes anadditional conditional access unit 540. Although the conditional accessunit 540 may be built into the digital receiver 111, it is expected thatdigital receiver will have an expansion slot, such as a PCMCIA slot orUniversal Services Bus (USB) slot to receive a card or device whichincludes the conditional access unit 540. As with the embodiment of FIG.2, the digital receiver 111 of this embodiment includes a CPU 210, atuner 220, demodulator unit 230, a conditional access unit 240, ademultiplexing unit 230, and a digital interface unit 260. In additionto these elements, the digital receiver 111 of FIG. 4 includes a secondconditional access unit 540, the operation of which will be nowdescribed.

Conditional access unit 540 receives an output bitstream includingprogram data having clear content from first conditional access unit240, and re-scrambles the data in response to control commands receivedfrom CPU 210. Conditional access unit 540 may re-scramble the programdata content using the ECMs transmitted in the original bitstreamreceived in digital receiver 111 or with a key transmitted by theconditional access unit 240. Alternatively, conditional access unit 540may use its own unique, local key. If the content was originallyscrambled using control words in addition to keys, the conditionalaccess unit 540 may use the originally transmitted control key toscramble the control words and use the originally transmitted controlwords to scramble the program data content. It may also use its ownlocal control words and key to scramble the key and content,respectively. It will be appreciated to those skilled in the art thatany one of the aforementioned methods of scrambling may be used alone orin combination, and these and other similar methods are intended to bewithin the scope and spirit of the present invention. It will also beappreciated that conditional access unit 540 also operates in a mannersimilar to that of re-scrambling unit 350 of the conditional access unit240 of FIG. 3, however, again, access to the original conditional accessunit 240 is not required in this embodiment.

Once the program data content is re-scrambled, conditional access unit540 transmits the program data to digital interface unit 260, where itis encoded with copy management commands. Thereafter, the program datamay be provided over transmission medium 120 to any components connectedthereto for recording. Thus, according to this embodiment of the digitalreceiver 111, one bitstream including program data having clear contentis provided to demultiplexer unit 250 and then to decoding unit 112(FIG. 1) for display and viewing by a user, while a second bitstreamincluding program data having scrambled content is available forrecording by any component connected to transmission medium 120. As withthe previous embodiments, a content or service provider can control whenand if a user can copy or view again content which is copy-protected.

Some digital devices 110 may include an NRSS copy protection systemhaving a detachable NRSS module. In instances where a detachable NRSSmodule is used, it is desirable to take advantage of the scrambledbitstream coming from the NRSS module. As seen in FIG. 6, yet anotherembodiment of a digital receiver 111 is shown which includes an NRSScopy protection system having a detachable NRSS module 640 and a DES ECBcopy protection chip 642. In this embodiment, the bitstream is providedfrom demodulator 230 to the NRSS module which is detachably connected tothe digital device 110. Scrambled output from NRSS module 640 is“tapped” outside of the digital device 110 prior to the bitstream'sre-entry into the digital device 110 and is provided to the digitalinterface 260 where it is preferably marked as “copy free” and thentransmitted over the transmission medium 120. A second scrambled streamis provided to the DES ECB copy protection chip 642 for descrambling.One descrambled stream is then provided to the de-multiplexer unit 250,while a second descrambled stream is provided to the digital interface260 where it is preferably marked as “copy never” and then transmittedover the transmission medium 120. Again, in such embodiment, a contentor service provider can control when and if a user can copy or viewagain content which is copy-protected.

The content of a digital program may be transmitted in scrambled form.In order for a conditional access unit to recover the scrambled contentand permit a person to view the content in clear form, the unit musthave the necessary access requirements associated with the scrambledcontent. An access requirement includes a message that describes thefeatures that the conditional access unit must have in order to decodethe scrambled content. For example, a certain key may be needed to viewthe content. Alternatively, a service tag associated with a givencontent provider may be required. Technical requirements such as aparticular descrambling method may also be required and included as apart of the access requirements. The access requirements associated witha particular program may be transmitted to a conditional access unitalong with the program.

When a scrambled program is received by a conditional access unit, theaccess requirements for the program are compared to the entitlementsthat the conditional access unit actually has. In order for theconditional access unit to display the scrambled content in clear form,the access requirements for the program must match the entitlements ofthe conditional access unit. The entitlements may state that theconditional access unit is entitled to view content from a given serviceprovider such as HBO, for example. The entitlements may also include oneor more keys needed to descramble the content. The entitlements also maydefine the time periods for which the conditional access unit maydescramble programs. The access requirements and entitlements thus forma part of the access control system to determine whether a decoder isauthorized to view a particular program.

The access requirements and entitlements can provide consumers with avariety of choices for paying for the content and gaining access to thescrambled content. These choices may include pay per play (PPP), pay perview (PPV), impulse pay per view (IPPV), time based historical, pay pertime (PPT), repurchase of copy never movies, personal scrambling, andregional pay per view. Impulse pay per view is a feature which allowspurchase of pay per view movies through credit that has been previouslydownloaded into the set top box. Purchase records may be stored andforwarded by phone to a billing center. Time based historical allowsaccess to content that was delivered during a past time period, such asMarch through December, 1997, for example. The access requirements andentitlements can also provide consumers with different options forstoring the scrambled content.

These options may be selected by choosing one of a number CA descriptorsthat have been included in the Service Information (SI) provided by theService Provider. A terrestrial broadcaster may use CA descriptorsdefined by an organization such as the ATSC. A cable system operator mayuse descriptors defined by the Society of Cable TelecommunicationEngineers (SCTE). By choosing a CA descriptor, for example the MPAAapproved DVD movie standard, a consumer can store the content to awriteable DVD. Included in that content may be the encryptedmanufacturer keys needed to descramble that content. The manufacturerkeys may be delivered in a PID called out by the CA Program Map Table(PMT). The keys may be stored on the DVD. On playback in a DVD player,the proper manufacturer key for the particular manufacturer of the DVDplayer can be selected, and the content descrambled accordingly. Forexample, choosing the DIVX descriptor, allows the storing of content inDIVX format. Similar to DVD, the CAT PID in the CA PMT may select thekeys used with the content. A DIVX player may access the content as itnormally would access packaged content.

These storage options are available even as realtime descramblingoptions are available. A consumer may decide which of the operations heor she wishes to perform. Note that with realtime descrambling options,a CAT may call out a PID where an EMM may be obtained. However, in theDVD and DIVX examples, for instance, EMMs may not be delivered with thecontent that way. They may be embedded in the player and/or delivered byphone.

The program as delivered over the air is conditional access scrambled.The scrambled content may be delivered along with a plurality of accessrequirements, including pay per view, for example. The conditionalaccess unit can descramble the content for real-time viewing. However,the content may have copy generation management system information whichmarks the content as copy never. This means that a clear version of thecontent may not be recorded. A scrambled version of the content can betreated as copy free. In other words, the scrambled content can berecorded in a digital storage medium for later retrieval.

The access requirements may be delivered to the conditional access unitusing packet identifiers (PIDs). Each PID may contain the accessrequirements associated with a given service or feature. For example,FIG. 7 shows that PID 10 contains access requirements for a pay per timefeature. Thus, the content that is delivered to a conditional accessunit may also include a large number of PIDs, thus enabling specialrevenue features, technical features, or other special features to beperformed locally.

Before receiving the content, the customer may be given a number ofchoices for gaining access to the content that is going to be stored tomedia. The customer may be required to purchase the right to access andview the content. Therefore, if the customer wants to record the contentfor later retrieval and viewing, the access requirements that thecustomer bought also need to be stored with the content.

When a digital program is recorded, the access requirements needed toview the program may also be recorded along with the program. The accesscriteria can be delivered to the conditional access device in packetidentifiers (PIDs). FIG. 7 shows an example of several PIDs that may bedelivered to a conditional access device. PIDs 8 and 9 are for thescrambled audio and video content. PIDs 10, 11, 12 and 13 point to theentitlement control messages for several methods of obtaining the accessrequirements for the scrambled program content. For example, the usermay wish to pay for the content on a pay-per-time basis.

PID 10, which contains the access requirements for pay-per-time, isallowed to pass through the PID filtering function and is recorded inthe storage device. The other access requirements, which representalternative methods of paying for the content, do not pass through thePID filtering function and are thus squelched. The filtering functionmay be performed by the decoder 250 of the conditional access device.

Recording only the access requirements that the customer has boughtprovides several advantages. Recording the scrambled content locallyenables the special revenue features such as PPV, PPT, and delayed IPPV,for example. A large number of PIDs may be delivered to the conditionalaccess unit to enable these special features. By recording only the PIDor PIDs for the service that the customer desires, the storagerequirements are reduced. Also, when the customer plays back thecontent, it would be confusing to the customer to display the paymentoptions again, after the customer has already selected one option. Aftera customer has decided to view a program as pay per time, for example,the customer should not be able to access the content any other way.This prevents confusion to the customer. The conditional access systemis able to process the stream prior to being recorded. The conditionalaccess system can mark the content on the media in order to facilitatefuture retrieval and access, which allows for a customization of theaccess rights.

The security of the system is also improved by the filtering functionshown in FIG. 7. Recording only one set of access requirements securelyprevents hackers from tampering with the conditional access features,because the complexity of the system is reduced. Recording one set ofrequirements can be done securely. Simplified access using only oneoption, such as PPV, for example, simplifies the processing, thecryptography, and reduces protocol problems, because only one set ofaccess requirements has to be tracked.

FIG. 8 shows an alternative embodiment that includes regional pay perview.

Customers in different regions may have different access requirementsfor a program, such as different costs. If a person in region 1 wishesto record the scrambled content and view it at a later time, only theaccess requirements for region 1 pass through the filter and arerecorded in the digital storage medium.

Thus, an advantage of recording only the access requirements for oneregion is that it is much simpler than putting all access rights for allregions in one ECM. Thus, the system is enabled to offer different coststo different regions. Another advantage is the reduced storagerequirements, which is much less than recording all of the regions, andrecording information that does not concern a given customer. This way acustomer can listen to what is needed and simplify the filtering,because the PID filtering function is based on one region.

FIG. 9 shows an alternative embodiment that includes personal scramblingfeatures to be delivered to the conditional access device in PIDs. Thepersonal scrambling features allow a customer to customize the specialfeatures.

The PIDs can be used to enable a home entertainment system to providesimulcrypting for two or more conditional access units. One conditionalaccess unit 240 may be permanently embedded in the program viewing unit111. For example, a digital television may contain a conditional accessunit inside of the television. The conditional access unit inside ofsuch a system may not be upgraded without replacing the host device.Also, the conditional access unit 240 may be enabled to function withcontent delivered by a service provider. The user can receive contentfrom a service provider by paying a monthly subscription fee, forexample. The service provider may not be concerned with providing copycontrol of the content that is delivered to the user. The serviceprovider may only care about receiving a subscription fee and deliveringcontent to the user. Therefore, a relatively simple conditional accessdevice can provide real time access to content delivered to the programviewing unit from the service provider.

However, the provider or owner of the content that is delivered by theservice provider may provide copy control protection to the deliveredcontent, so that the content may be descrambled and viewed in real timebut may not be copied in a descrambled format. The content provider, orthe viewer, or both, may want a conditional access unit that is able torecord the program content and descramble it at a later time. Featuressuch as pay per play and pay per time, which are discussed above, canpermit a user to record the content and view it at a later date whileprotecting the interests of the owner of the content. If the conditionalaccess unit in the program viewing unit does not have the ability tohandle features such as pay per view, then a second conditional accessunit may be added.

The second conditional access unit 180 can be attached to the homeentertainment system, as shown in FIG. 1. The second conditional accessunit 180 can be a device capable of enabling features such as pay perview to be provided to a user of the home entertainment system. Thesecond conditional access unit may use an interface, such as 1394interface, for example, so that it does not have to be attached to apre-designated slot in the program data receiver, as shown in FIG. 10.

The program data receiver may function as a controller for 1394 devicesin the home entertainment network. The receiver can direct the contentto be stored on 1394 storage devices such as a 1394 VCR or hard disk,for example, when a user wishes to view the content, the content can beretrieved from memory and delivered to the second conditional accessunit on the 1394 bus, as shown in FIG. 11. The second conditional accessunit then descrambles the content so that it can be displayed in clearformat. In one embodiment, the second conditional access unit canreceive a key to descramble the content using a telephone line.

In one embodiment, the content is delivered to the program data receiverin a scrambled format. A packet identifier (PID) that contains theaccess requirements, including a key, needed to descramble the contentand view it using the first conditional access unit is delivered to theprogram data receiver. A second packet identifier that contains theaccess requirements for descrambling the scrambled data by the secondconditional access device is also delivered. The second PID may bedelivered along with the first PID. Alternatively, the second PID may bedelivered at a later time. Additional packet identifiers, for enablingvarious features of the home entertainment system, may also be providedas discussed above.

The first conditional access unit and its associated PID can descramblethe content and provide the clear content to a display. The scrambleddata may be stored in memory. The second PID may also be stored inmemory. The second conditional access unit can descramble the contentusing the second PID. Because the second conditional access unit can useone or more PIDs that enable the scrambled content to be stored to adigital memory, retrieved from memory, and descrambled at a later time,the user can create a home library of stored content. Furthermore, thehome entertainment system can be upgraded and additional features can beenabled by the second conditional access unit without replacing theprogram viewing unit.

In one embodiment, FIG. 12 shows a method for descrambling the scrambleddata that includes receiving the scrambled data in a program datareceiver, step 1210. A first access key to descramble the scrambleddata, and a second access key to descramble the scrambled data are alsoreceived 1220. Each access key may be contained in one or more PIDs. Thefirst access key is associated with a first conditional access unit, andthe second access key is associated with a second conditional accessunit.

The scrambled data can be descrambled in real time, for example, usingthe first conditional access unit and the first key 1230. Then, thescrambled data and the second access key are recorded in a computerreadable memory 1240. The second access key and the scrambled data canbe retrieved from the memory 1250, and the scrambled data can bedescrambled using the second conditional access unit and the secondaccess key 1260.

The second access key permits the second conditional access unit todescramble the scrambled data during a time period including a presenttime period and a future time period. Alternatively, the firstconditional access unit can descramble the scrambled data during a firstperiod, and the second conditional access unit can descramble thescrambled data during a second period that is different from the firstperiod.

In an alternative embodiment, FIG. 13 shows a method for copy managementfor controlling the recording and reproduction of digital content thatincludes receiving a digital bitstream including program data 1310. Theprogram data may include system information and the digital content in ascrambled format. The digital content in a scrambled format isdescrambled to provide a first output including said digital content ina descrambled format 1320. A second output including said digitalcontent in the scrambled format is provided 1330. The first outputincluding said digital content in the descrambled format and the secondoutput including said digital content in the scrambled format are output1340. A plurality of access requirements are received 1350, wherein eachaccess requirement can descramble the program data. At least one of theaccess requirements is selected 1360. The scrambled program data and theselected at least one access requirement are stored 1370.

The method may include receiving and recording said digital content ofsaid second output in a scrambled format. The method may includedemultiplexing the digital content from the program data, anddecompressing the digital content in a descrambled format to adecompressed state 1380. The decompressing may be executed in an MPEGdecoder. The digital content may be content contained in digitaltelevision transmissions. Alternatively, the digital content may becontent downloaded from the Internet.

The descrambling may be carried out in a first conditional access unit.The stored scrambled program data and the stored access requirement canbe retrieved. Then, the retrieved scrambled program can be descrambledusing the access requirement in a second conditional access unit. Thedescrambling step may include extracting a descrambling key included inthe program data, and applying said descrambling key to said digitalcontent in a scrambled format to provide said digital content in adescrambled format.

The method of receiving scrambled data, receiving a first access key todescramble the scrambled data using a first conditional access unit, andreceiving a second access key to descramble the scrambled data using asecond conditional access unit is a method of simulcrypting. Twodifferent conditional access units are enabled to descramble thescrambled data. In one embodiment, two different PIDs, received alongwith the scrambled content, enable the two conditional access units todescramble the data. One conditional access unit may descramble the databefore it is recorded, to provide real-time viewing. The otherconditional access unit may descramble the data after it is recorded andsubsequently retrieved from memory, to provide time-shiftedsimulcrypting, or viewing at a later time.

In one embodiment, FIG. 14 shows that two different programs can bedelivered to the program viewing unit simultaneously 1410. A firstprogram may be sent to the viewing unit along with a PID to be used bythe first conditional access unit to descramble the first program inreal time, step 1420. A second program may be sent using theopportunistic bandwidth that is available, step 1430. Because thebandwidth needed to send the first program fluctuates, the secondprogram can be sent in non-real time by taking advantage of thisfluctuating bandwidth. Thus, the second program, along with a PID forenabling the second conditional access device to descramble the secondprogram, can be trickled into digital memory and viewed at a later time,step 1440.

In the foregoing description, the invention is described with referenceto specific exemplary embodiments thereof. It will, however, be evidentthat various modifications and changes may be made thereto withoutdeparting from the broader spirit and scope of the present invention asset forth in the appended claims. The specification and drawings areaccordingly to be regarded in an illustrative rather than in arestrictive sense.

What is claimed is:
 1. An apparatus comprising: a processor to controloperations of the apparatus; an input that is to receive scrambledcontent; a descrambler unit coupled to the input and to the processor,the descrambler unit descrambles the scrambled content in order torecover unscrambled content and concurrently routes the unscrambledcontent over a first communication link for display on a display deviceand routes the unscrambled content over a second communication link,wherein the descrambler unit descrambles the scrambled content byproducing a first key to descramble a first control word, andthereafter, using the first control word to descramble the scrambledcontent and recover the unscrambled content; and a re-scrambler unitcoupled to the second communication link and to the processor, there-scrambler unit to scramble the unscrambled content to producere-scrambled content for transmission from the apparatus, wherein there-scrambler unit scrambled the unscrambled content using informationwithin an entitlement control message (ECM), the ECM being part of theprogram data including the scrambled content received by the input. 2.The apparatus of claim 1 being a conditional access unit.
 3. Theapparatus of claim 2 being implemented within a digital device that iscoupled to a transmission medium for routing the re-scrambled content toan electronic device in communication with the transmission medium. 4.The apparatus of claim 1, further comprising a processor unit thatreceives packet identifier (PID) information identifying a location ofthe ECM within the program data, processes the ECM to derive a key thatis used by the descrambler unit to descramble the scrambled content andrecover the unscrambled content.
 5. The apparatus of claim 1, whereinthe re-scrambler unit scrambled the unscrambled content usinginformation stored within memory implemented within the apparatus. 6.The apparatus of claim 1, wherein the re-scrambler unit scrambles theunscrambled content using a second control word to produce there-scrambled content, and thereafter, scrambles the second control wordusing a second key.
 7. The apparatus of claim 6, wherein the firstcontrol word is identical to the second control word.
 8. The apparatusof claim 6, wherein the first key is identical to the second key.
 9. Adigital device comprising: a decoding unit; and a digital receivercoupled to the decoding unit, the digital receiver comprises: aprocessor to control operations of the digital receiver; a tuner adaptedto receive an incoming digital bitstream, a demodulator unit coupled tothe tuner and to the processor, the demodulator unit is to demodulatethe digital bitstream to recover program data from the incoming digitalbitstream, the program data including scrambled content, and aconditional access unit coupled to the demodulator unit and to theprocessor, the conditional access unit is to receive the program datafrom the demodulator unit and descramble the scrambled content toproduce unscrambled content, the unscrambled content being routed via afirst communication path for display on a display device and also beingrouted over a second communication path for re-scrambling prior totransmission from the conditional access unit, wherein the conditionalaccess unit descrambles the scrambled content by producing a first keyto descramble a first control word, and thereafter, using the firstcontrol word to descramble the scrambled content and recover theunscrambled content, and wherein the conditional access unitre-scrambles the unscrambled content using information within anentitlement control message (ECM), the ECM being part of the programdata that includes the scrambled content.
 10. The digital device ofclaim 9 being a television.
 11. The digital device of claim 9, whereinthe digital receiver further comprises a processor coupled to the tunerand the conditional access unit, the processor is to control (i)selection of a channel frequency by the tuner and (ii) descrambling bythe conditional access unit.
 12. The digital device of claim 11, whereinthe processor of the digital receiver controls descrambling of thescrambled content by transmitting information that identifies a locationof the entitlement control message (ECM) within the program data. 13.The digital device of claim 9, wherein the conditional access unitcomprising: a descrambler unit coupled to the demodulator unit, thedescrambler unit descrambles the scrambled content in order to producethe unscrambled content and concurrently routes the unscrambled contentover the first communication path for display on the display device androutes the unscrambled content over the second communication path; and are-scrambler unit coupled to the descrambler unit over the secondcommunication path, the re-scrambler unit to scramble the unscrambledcontent to produce the re-scrambled content for transmission.
 14. Thedigital device of claim 13, wherein the re-scrambler unit of theconditional access unit of the digital receiver scrambles theunscrambled content using information within the entitlement controlmessage (ECM), the program data including both the ECM and the scrambledcontent.
 15. The digital device of claim 13, wherein the conditionalaccess unit of the digital receiver further comprises a processor thatreceives the program data and derives a key for use by the descramblerunit to descramble the scrambled content in the program data.
 16. Thedigital device of claim 9, wherein the decoding unit to receive theunscrambled content and to decode the unscrambled content prior todisplay on the display device.
 17. The digital device of claim 9 beingin communication with the display device over a transmission medium. 18.A system adapted to receive an incoming digital bit stream from one ormore service providers with the digital bitstream including programdata, the system comprising: a transmission medium; a hard diskrecording unit coupled to the transmission medium; and a digital devicecoupled to the transmission medium, the digital device comprises adecoding unit; and a digital receiver coupled to the decoding unit, thedigital receiver comprises a processor to control operations of thedigital receiver; a tuner adapted to receive the digital bitstream, ademodulator unit coupled to the tuner and to the processor, thedemodulator unit is to demodulate the digital bitstream to recover theprogram data, the program data including scrambled content, and aconditional access unit coupled to the demodulator unit and to theprocessor, the conditional access unit is to receive and descramble thescrambled content to produce unscrambled content, the descrambledcontent being routed over both a first communication path and a secondcommunication path, the descrambled content over the first communicationpath being routed to the decoding unit for decoding of the descrambledcontent and subsequently displayed while the descrambled content overthe second communication path being re-scrambled and transmitted to thehard disk recording unit over the transmission medium, wherein theconditional access unit descrambles the scrambled content by producing afirst key to descramble a first control word, and thereafter, using thefirst control word to descramble the scrambled content and recover theunscrambled content, and wherein the conditional access unitre-scrambles the unscrambled content using information within anentitlement control message (ECM), the ECM being part of the programdata that includes the scrambled content.
 19. The system of claim 18,wherein the digital device is a digital television.